jeremylong

structured-text-tools

A list of command-line tools for manipulating structured text data

librosa

Python library for audio and music analysis

DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

weggli

weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.

jobrunr

An extremely easy way to perform background processing in Java. Backed by persistent storage. Open and free for commercial use.

Krakatau

Java decompiler, assembler, and disassembler

github-api

Java API for GitHub

checker-framework

Pluggable type-checking for Java

enjarify

gradle-task-tree

Gradle plugin that adds a 'taskTree' task that prints task dependency tree

dependency-check-gradle

The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.

gradle-android-scala-plugin

gradle-android-scala-plugin adds scala language support to official gradle android plugin

sh00t

Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.

gitgat

Evaluate source control (GitHub) security posture

delete-workflow-runs

An action to delete workflow runs in a repository.

phosphor

Phosphor: Dynamic Taint Tracking for the JVM

violations-lib

Java library for parsing report files from static code analysis.

tree-sitter-java

Java grammar for tree-sitter

Open-Vulnerability-Project

Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)

maven-indexer

Apache Maven Indexer

OneSignal-Gradle-Plugin

Use with OneSignal-Android-SDK to help integrate it into your Android Studio or Gradle project. https://onesignal.com

semver4j

Semantic versioning for Java apps.

jvmxray

Externalize Java application access to protected resources as log messages.

codemodder-java

a framework for building java codemods

violation-comments-to-github-lib

A library for commenting GitHub with violations from static code analyzer reports.

malicious-dependencies

Demonstrates how a malicious dependency could negatively impact the build output.

java-security-toolkit

A set of security APIs meant to help secure Java code

servicenow-codesanity

Contains instance scan checks to validate source code.

upload-bintray-action

Bintray file uploader action

java-github-webhook

JAX RS WS Interfaces for Github webhooks